CVE-2018-4090

MEDIUM

Apple tvOS < 11.2.5 - Kernel Memory Read Restriction Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-4090. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates an information leak vulnerability in macOS (CVE-2018-4090) where uninitialized kernel memory is disclosed via the `vfs.generic.conf` sysctl interface due to a padding byte in the `vfsconf` structure.

Description

An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to bypass intended memory-read restrictions via a crafted app.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · cdosmacos

https://www.exploit-db.com/exploits/43923

View Code ZIP pw:eip

This exploit demonstrates an information leak vulnerability in macOS (CVE-2018-4090) where uninitialized kernel memory is disclosed via the `vfs.generic.conf` sysctl interface due to a padding byte in the `vfsconf` structure.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: macOS 10.13 (Darwin 17.0.0)

No auth needed

Prerequisites: Access to a vulnerable macOS system

MITRE ATT&CK